Technology Security Analyst (API)

Job Description

We are FIS. Our technology powers the world’s economy and our teams bring innovation to life. We champion diversity to deliver the best products and solutions for our colleagues, clients and communities. If you’re ready to start learning, growing and making an impact with a career in fintech, we’d like to know: Are you FIS?

NOTE:

1. If candidates are located within commutable distance of an FIS office location then expectations would be to be hybrid in the office 3 days/week.

2. Current and future sponsorship are not available for this position

About the role:
As an IT Security Analyst with FIS, your skills will be put to the test on the front lines of cyber-crime. Information security is at the heart of fintech and you’ll help protect and secure highly-sensitive financial data for customers around the world.
 

About the Team:

The Appsec Architecture and Engineering is responsible for developing and maintaining policies and standards for the FIS API Security Program and collaborate with internal development teams to implement security controls in APIs, conducting secure design reviews and automates workflows to track and remediate API vulnerabilities.

The team identifies and addresses gaps in incumbent security tools (SAST, SCA, Container security), collaborates with vendors to address/enhance scanning coverage and define/refine the internal processes to ensure the efficiency and strengthen overall security program.

What you will be doing:

• Develop and maintain policy and standards for FIS API security program.

• Collaborate with internal development teams to build/advocate security controls in Application Programming Interface (API), and performing the secure design review of the APIs.

• Assist in the security standards, and processes of SDLC to protect Application, APIs, and CI/CD.

• Primarily responsible for API and Application security but with a good working knowledge of other security domains (Cryptography, Identity and Access Management, Threat and Vulnerability Management)

• Manage the API runtime monitoring tool and work with vendor to tune/configure to provide the maximum but accurate coverage to FIS software.

• Identify the gaps in SAST/SCA/Container/IAC and other tool’s rule/configuration and work with vendor to engineer them to provide the maximum scanning coverage to FIS software.

• Crate software/automated workflows and collaborate with other stakeholders to integrate security tooling to track the API findings and work with development team to remediate them.

• Collaborate with WAF team to define/modify the rules to protect the APIs.

What you bring:

• Total 6+ years of hands-on professional software development and security experience, with a strong foundation in security practices and expertise in languages such as Java or C#.

• Proven experience in API Security and Application security, including secure design reviews.

• Collaborated closely with development teams to integrate security control and remediate vulnerabilities.

• Collaborated with development team and DevOps team to integrate security tools and workflows into automated development environments.

• Good understanding of SAST, SCA, IaC, and container security tools (e.g., Checkmarx One) working and tuning of such tools to maximize coverage and reduce false positives.

• Strong knowledge of OWASP Top 10 and OWASP API Top 10, with the ability to identify, assess, and guide remediation of vulnerabilities through both manual and automated methods.

• Excellent communication skills, with the ability to convey complex security concepts to both technical and non-technical stakeholders.

• Strong organizational and time management skills, with a track record of driving security initiatives across cross-functional teams in a remote or hybrid environment.

Added Bonus if you have:

• Knowledge of FIS products and services a plus but not required

• Knowledge of Financial Industry preferred.

What we offer you:
At FIS, you can learn, grow and make an impact in your career. Our benefits include:

• Flexible and creative work environment

• Diverse and collaborative atmosphere

• Professional and personal development resources

• Opportunities to volunteer and support charities

• Competitive salary and benefits

NOTE:

1. If candidates are located within commutable distance of an FIS office location then expectations would be to be hybrid in the office 3 days/week.

2. Current and future sponsorship are not available for this position

FIS is committed to providing its employees with an exciting career opportunity and competitive compensation. The pay range for this full-time position is $86,120.00 - $144,670.00 and reflects the minimum and maximum target for new hire salaries for this position based on the posted role, level, and location. Within the range, actual individual starting pay is determined by additional factors, including job-related skills, experience, and relevant education or training. Any changes in work location will also impact actual individual starting pay. Please consult with your recruiter about the specific salary range for your preferred location during the hiring process.

Privacy Statement

FIS is committed to protecting the privacy and security of all personal information that we process in order to provide services to our clients. For specific information on how FIS protects personal information online, please see the Online Privacy Notice.

EEOC Statement

FIS is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, genetic information, national origin, disability, veteran status, and other protected characteristics. The EEO is the Law poster is available here supplement document available here

For positions located in the US, the following conditions apply. If you are made a conditional offer of employment, you will be required to undergo a drug test. ADA Disclaimer: In developing this job description care was taken to include all competencies needed to successfully perform in this position. However, for Americans with Disabilities Act (ADA) purposes, the essential functions of the job may or may not have been described for purposes of ADA reasonable accommodation. All reasonable accommodation requests will be reviewed and evaluated on a case-by-case basis.

Sourcing Model

Recruitment at FIS works primarily on a direct sourcing model; a relatively small portion of our hiring is through recruitment agencies. FIS does not accept resumes from recruitment agencies which are not on the preferred supplier list and is not responsible for any related fees for resumes submitted to job postings, our employees, or any other part of our company.

#pridepass